Store central secure origin

esp32_device/main/constants.h

@@ -13,4 +13,9 @@
 /**
  * Private key max length
  */
-#define PRV_KEY_DER_MAX_BYTES 1500
+#define PRV_KEY_DER_MAX_BYTES 1500
+
+/**
+ * Secure origin len
+ */
+#define SEC_ORIG_LEN 255

esp32_device/main/http_client.c

@@ -118,7 +118,7 @@ esp_err_t _http_event_handler(esp_http_client_event_t *evt)
 
 char *http_client_exec(const http_request_opts *opts)
 {
-    char local_response_buffer[MAX_HTTP_OUTPUT_BUFFER + 1] = {0};
+    char *local_response_buffer = calloc(MAX_HTTP_OUTPUT_BUFFER + 1, 1);
 
     ESP_LOGI(TAG, "Perform HTTP request on %s", opts->url);
 
@@ -129,26 +129,39 @@ char *http_client_exec(const http_request_opts *opts)
         .disable_auto_redirect = true,
     };
     esp_http_client_handle_t client = esp_http_client_init(&config);
+
+    if (client == NULL)
+    {
+        ESP_LOGE(TAG, "Failed to initialize HTTP connection!");
+        free(local_response_buffer);
+        return NULL;
+    }
+
+    ESP_LOGD(TAG, "esp_http_client_perform start");
     esp_err_t err = esp_http_client_perform(client);
+    ESP_LOGD(TAG, "esp_http_client_perform end");
+
+    if (err != ESP_OK)
+    {
+        esp_http_client_cleanup(client);
+        free(local_response_buffer);
+        ESP_LOGE(TAG, "HTTP request failed with code %d!", err);
+        return NULL;
+    }
 
     const int status = esp_http_client_get_status_code(client);
     const int64_t resp_len = esp_http_client_get_content_length(client);
 
     esp_http_client_cleanup(client);
 
-    if (err != ESP_OK)
-    {
-        ESP_LOGE(TAG, "HTTP request failed with code %xd!", err);
-        return NULL;
-    }
-
     if (status < 200 || status > 299)
     {
         ESP_LOGE(TAG, "HTTP request failed with status %d!", status);
+        free(local_response_buffer);
         return NULL;
     }
 
     local_response_buffer[resp_len] = 0;
 
-    return strdup(local_response_buffer);
+    return local_response_buffer;
 }

esp32_device/main/main.c

@@ -8,6 +8,7 @@
 #include "crypto.h"
 #include "unsecure_api.h"
 #include "ethernet.h"
+#include "constants.h"
 
 static const char *TAG = "main";
 
@@ -48,9 +49,23 @@ void app_main(void)
     ethernet_wait_for_network();
 
     ESP_LOGI(TAG, "Check secure origin\n");
-    char *sec_orig = unsecure_api_get_secure_origin();
+    if (storage_get_secure_origin(NULL) == 0)
-    assert(sec_orig != NULL);
+    {
-    printf("Res = %s\n", sec_orig);
+        char *sec_ori = unsecure_api_get_secure_origin();
+        if (!sec_ori)
+        {
+            ESP_LOGE(TAG, "Failed to fetch secure origin!");
+            reboot();
+        }
+        storage_set_secure_origin(sec_ori);
+        free(sec_ori);
+    }
+
+    ESP_LOGI(TAG, "Get secure origin\n");
+    char *sec_ori = calloc(SEC_ORIG_LEN, 1);
+    assert(storage_get_secure_origin(sec_ori) > 0);
+    ESP_LOGI(TAG, "Current secure origin: %s", sec_ori);
+    free(sec_ori);
 
     system_sleep(120);
 

esp32_device/main/storage.c

@@ -9,6 +9,7 @@
 
 #define DEV_NAME_KEY "dev_name"
 #define PRIVATE_KEY "prikey"
+#define SEC_ORIG_KEY "secureOrig"
 
 static const char *TAG = "storage";
 
@@ -28,25 +29,25 @@ bool storage_init()
     return err == ESP_OK;
 }
 
-void storage_set_dev_name(const char *name)
+static void storage_set_str(const char *key, const char *value)
 {
     nvs_handle_t my_handle;
 
     ESP_ERROR_CHECK(nvs_open(STORAGE_NAMESPACE, NVS_READWRITE, &my_handle));
 
-    ESP_ERROR_CHECK(nvs_set_blob(my_handle, DEV_NAME_KEY, name, strlen(name) + 1));
+    ESP_ERROR_CHECK(nvs_set_blob(my_handle, key, value, strlen(value) + 1));
 
     nvs_close(my_handle);
 }
 
-size_t storage_get_dev_name(char *dest)
+static size_t storage_get_str(const char *key, size_t dest_len, char *dest)
 {
     nvs_handle_t my_handle;
 
     ESP_ERROR_CHECK(nvs_open(STORAGE_NAMESPACE, NVS_READWRITE, &my_handle));
 
-    size_t len = (dest == NULL ? 0 : DEV_NAME_LEN);
+    size_t len = (dest == NULL ? 0 : dest_len);
-    esp_err_t res = nvs_get_blob(my_handle, DEV_NAME_KEY, dest, &len);
+    esp_err_t res = nvs_get_blob(my_handle, key, dest, &len);
 
     nvs_close(my_handle);
 
@@ -58,6 +59,16 @@ size_t storage_get_dev_name(char *dest)
     return len;
 }
 
+void storage_set_dev_name(const char *name)
+{
+    storage_set_str(DEV_NAME_KEY, name);
+}
+
+size_t storage_get_dev_name(char *dest)
+{
+    return storage_get_str(DEV_NAME_KEY, DEV_NAME_LEN, dest);
+}
+
 void storage_set_priv_key(unsigned char *key, size_t len)
 {
     nvs_handle_t my_handle;
@@ -86,4 +97,8 @@ size_t storage_get_priv_key(unsigned char *key)
     ESP_ERROR_CHECK(res);
 
     return len;
-}
+}
+
+void storage_set_secure_origin(const char *name) { storage_set_str(SEC_ORIG_KEY, name); }
+
+size_t storage_get_secure_origin(char *dest) { return storage_get_str(SEC_ORIG_KEY, SEC_ORIG_LEN, dest); }

esp32_device/main/storage.h

@@ -37,6 +37,16 @@ extern "C"
      */
     size_t storage_get_priv_key(unsigned char *key);
 
+    /**
+     * Write secure origin
+     */
+    void storage_set_secure_origin(const char *name);
+
+    /**
+     * Get current secure origin
+     */
+    size_t storage_get_secure_origin(char *dest);
+
 #ifdef __cplusplus
 }
 #endif

esp32_device/sdkconfig

@@ -1127,14 +1127,13 @@ CONFIG_HEAP_TRACING_OFF=y
 # CONFIG_LOG_DEFAULT_LEVEL_NONE is not set
 # CONFIG_LOG_DEFAULT_LEVEL_ERROR is not set
 # CONFIG_LOG_DEFAULT_LEVEL_WARN is not set
-CONFIG_LOG_DEFAULT_LEVEL_INFO=y
+# CONFIG_LOG_DEFAULT_LEVEL_INFO is not set
-# CONFIG_LOG_DEFAULT_LEVEL_DEBUG is not set
+CONFIG_LOG_DEFAULT_LEVEL_DEBUG=y
 # CONFIG_LOG_DEFAULT_LEVEL_VERBOSE is not set
-CONFIG_LOG_DEFAULT_LEVEL=3
+CONFIG_LOG_DEFAULT_LEVEL=4
 CONFIG_LOG_MAXIMUM_EQUALS_DEFAULT=y
-# CONFIG_LOG_MAXIMUM_LEVEL_DEBUG is not set
 # CONFIG_LOG_MAXIMUM_LEVEL_VERBOSE is not set
-CONFIG_LOG_MAXIMUM_LEVEL=3
+CONFIG_LOG_MAXIMUM_LEVEL=4
 # CONFIG_LOG_MASTER_LEVEL is not set
 CONFIG_LOG_COLORS=y
 CONFIG_LOG_TIMESTAMP_SOURCE_RTOS=y